Ivanti Blog: Posts by

To Thrive in the Everywhere Workplace, IT and Security Teams Need to Work Together

Mon, 10 Oct 2022 16:35:39 Z

It’s Cybersecurity Awareness Month. For a CIO, this is like the holidays, and there’s lots to celebrate and lots to do. By reading this, you’re helping me check something off my list: I want everyone in the IT and security landscape to know how these two teams can work together for a more efficient, productive and secure enterprise.

To those outside the departments, IT and security teams are often conflated. (“Don’t they both deal with technical stuff?”)

And yet, IT and security have very different roles and objectives, and those objectives are often in direct conflict with one another. At the risk of oversimplification, IT is under a lot of pressure to move quickly, adjusting and rolling out DevOps with relentless speed.

Meanwhile, security is tasked with mitigating threats to existing products and making sure new releases are as secure as possible.

Fast or secure – do you have to pick one?

IT’s focus on speed doesn’t play well with security’s focus on security.

The solution isn’t to compromise on speed or security.

The solution is to enable IT and security to work together.

As CIO at Ivanti, I have the privilege of being involved in the incredible work of the IT and security teams.

A CIO perspective has allowed me insights into how these teams can leverage each other’s skills and knowledge to be even greater than the sum of their parts. With the two skilled teams we have here at Ivanti, this is saying a lot.

How to foster collaboration between IT and security

Strategy #1: IT and security teams need a single – and shared – source of truth

That seems obvious enough, right? But you’d be shocked how many IT and security teams rely on multiple, disparate, potentially conflicting sources of truth. Conflicting sources add fuel to the fire that’s already smoldering, given conflicting objectives.

Even though both teams have different tasks, they can inform those tasks with the same data points. Automating data gathering and processing can help mitigate human error and role-based biases.

Relying on the same, single source of truth also means less rework and unnecessary replication – a critical part of helping both teams be more efficient. Ivanti Neurons for ITSM delivers a single source of truth for assets, security and events.

Strategy #2: Embrace DevSecOps

DevSecOps isn’t simply about tossing security into DevOps. It’s a fundamental shift wherein security is an integral part of the DevOps processed and integrated from the very beginning – helping to align priorities.

Embracing DevSecOps also benefits IT by ensuring security isn’t slowing development by weighing in late in the game. It also benefits security by helping to ensure that the IT team isn’t rolling out products that may have security gaps that impact the security team’s objectives.

Strategy #3: Create context

Patching is an overwhelming task for even the strongest IT team. But patching without security context is nothing more than busy work. Risk-based vulnerability management makes a massive difference in threat detection and remediation, ensuring that teams are focused on the right threats at the right time.

Even better, automated risk-based intelligence creates context without creating more work for your team. And when risk-based intelligence solutions can integrate with other security and IT management tools, all key stakeholders get visibility to the same context and information so they can attack the problem together.

Strategy #4: Become customer zero

Have you prioritized security at the expense of access and usability? Have you prioritized features over security?

At Ivanti, we embrace the concept of “Customer Zero” we make ourselves the first customer for any solution before we release that solution publicly. Being customer zero can help you understand any IT and security solutions with significantly greater depth.

Adopt solutions and embrace real-world usage and feedback before you finalize any DevSecOps effort. It’s one thing to assume how a solution will affect IT, security and other teams in your enterprise – it’s another thing to know the impact and hear feedback directly from stakeholders.

The bottom line

Rather than conflict, IT and security can elevate each other. Both teams just need the right support and strategies in place.

Here’s to creating a more efficient, secure enterprise – together. Learn more about how the Ivanti Neurons hyperautomation platform can help.

Going All In: Why Customer Zero Is the Ultimate Gift to Your Customers – and Your Own Team

Tue, 23 Aug 2022 18:16:23 Z

Innovation in DevSecOps must keep pace with the speed of the dynamic, volatile modern cybersecurity environment. Yesterday’s solution worked beautifully…yesterday. What has it done for me today?

Continual iteration and speed are paramount, but they’re not without risks.

As a SaaS provider, how do you know that the latest evolution of your product works at scale? How do you know that it works at all?

How do you know that it’s intuitive, accessible, effective, user-friendly and everything else that’s (rightfully) the cost of entry in the SaaS landscape?

The answer: You don’t… unless you acquire one more essential customer – your own company.

It’s called a Customer Zero program, and we’ve gone all in on it at Ivanti.

We are our own first customer. We encourage adoption, real-world usage and feedback to see how our products and updates work before we finalize DevSecOps and deploy those products to our full external customer base.

What is a Customer Zero program?

As much as we’d like to take credit for this idea, we’re standing on the shoulders of giants here.

Early on, Apple famously set a goal to stop buying typewriters and remove existing typewriters from Apple offices. Why? They wanted to use their own products and experience what they were asking their customers to experience.

A notorious memo at Microsoft went to a manager imploring him to “Eat his own dog food” – meaning that he should increase internal usage of the company’s product, Windows NT.

The takeaway from that arresting headline: if it’s not good enough for you to eat, why would you feed it to your dog?

In the same vein, if a product isn’t good enough for your company to use, why would you deploy it for your customers?

That’s what a Customer Zero program does: It forces a company to use its own products and services in such a way that they become driven to iterate, improve and prove its utility before releasing it to the general public.

In effect, you become the customer-before-the-first-customer – Customer Zero.

Customer Zero programs are the ultimate case study

Customer Zero can support DevSecOps in a wide range of environments, but we’re fortunate to have had a particularly useful scenario right here at Ivanti.

We grew exponentially in a very short time, thanks to several strategic acquisitions. After the mergers, we skyrocketed to 3,200 employees, a billion dollars of revenue and a customer base that includes 96 of the fortune 100.

That rapid scaling – plus the mixing of different security protocols and structures – offered a phenomenal testing ground for products designed to lead the industry through an unpredictable time. It’s one thing to kick the proverbial tires first; it’s another to put solutions to work in the real world amid constant change.

Ivanti’s Customer Zero during the COVID-19 pandemic

During the peak of the COVID-19 pandemic, for example, we remotely managed and provisioned around 3,000 devices globally while deprovisioning approximately 2,000 devices globally.

Today, we generate over 22,000 tickets in our Neurons for ITSM platform internally, with automatic resolution and self-help functionality giving back a ton of our internal IT support team’s time and bandwidth for critical matters.

Ultimately, our team used our own Ivanti tools for patching, upgrades and remote support – without requiring any major increases in our team headcount.

That’s an important advantage given the worldwide shortage of IT staff, and we’re proud to pass that advantage on to our customers.

Ivanti’s Customer Zero as part of internal DevSecOps processes

In Ivanti’s own DevSecOps program, we deploy our Neurons for Risk-based Vulnerability Management (RBVM) software as part of our internal CI / CD process.

Within that CI process, we scan our code for vulnerabilities. Those scan results are ingested right into the Neurons platform, where our software can aggregate that information, evaluate it and prioritize the critical security issues that we have in developing our code.

Neurons for RBVM generates a ticket in our central Neurons for ITSM platform, which then tracks remediation of that vulnerability. Full remediation of any vulnerabilities triggers the deployment of our code securely into production environment.

This is a major step in securing our customer-facing environments, so they are not exposed to security vulnerabilities that may have been injected during the regular development process.

Serving as Customer Zero for either our asset management or DevSecOps programs aren’t a chance to pat ourselves on the back, however.

We expect – and get – unfiltered, candid feedback about issues, functionality, user experience and more. We take that feedback seriously and make changes accordingly.

Our current teams represent a fantastic mix of talent and perspective from our various acquisitions, and that enables diverse and knowledgeable insights that we can act on quickly.

Ivanti's Customer Zero goals

Our high-level goals for this program are to drive:

Product transformation
- Like a lot of our customers, Ivanti has a portfolio of on-premises products that are moving to the cloud. By serving as Customer Zero and using all SaaS products, we can get rapid feedback on the migration experience and any issues that arise with gaps between on-premises and SaaS.
Product integration
- Our customers want to be able to acquire products with different technology stacks and have those products work together seamlessly. To take full advantage of Ivanti’s integrated solutions, Customer Zero evaluates the usage of our products through a single pane of glass or via APIs. Our teams test these integrations to check for consistency and user experience.
Product confidence
- Customer Zero is integral to building product confidence, both internally and externally. It’s important that our sales teams and our customers can point to real-world evidence that our products perform as advertised.

Customer Zero means we can innovate quickly and confidently, even in uncertain territory.

With Customer Zero, we can future-proof our technology by implementing Ivanti products that leverage key elements in rapidly evolving areas, including:

Artificial intelligence (AI)
Hyperautomation
Edge computing
Cybersecurity
Machine learning (ML)
DevSecOps

The Customer Zero experience at Ivanti in 2022 – and beyond

By serving as our own testing ground, we get to operate at the leading edge of innovation and experience it ourselves. Thus far, that experience has been thrilling.

For both ourselves and our customers, we’ve made it possible to manage complex IT data from a single source of truth. We can discover, manage, secure and service assets, while supporting the remediation of critical vulnerabilities.

Through our own platforms and products, we can leverage that single source of truth to inform our AI and ML functions to accelerate automation and remediation.

I have been working in this space for some time, and having these functions all working together is the holy grail for IT. It’s exciting for our teams at Ivanti to be the first to try it. It’s even more exciting to share it with our customers.

The bottom line: Customer Zero is about using what you have. Innovate internally to find out what works and what doesn’t. Iterate. Get it right.

Successful companies commit and go all in with their customer, and that means walking the walk with them.

It comes back to the dog food. Why would we send our customers something we wouldn’t use – and thrive with – ourselves?

If you’d like to see what we’ve been “eating” – from our own ITSM systems to DevSecOps processes and beyond – then check out our Ivanti Neurons solutions to see if it’s something your organization might want to consider. It contains all the insights and learnings we’ve gleaned from our own company, straight to you.

Why the Future of the Employee Experience at Work Hinges on IT

Thu, 23 Jun 2022 17:03:23 Z

As the world enters the post-pandemic era, employers and IT teams face a variety of new challenges. Some should be high on the long-term priority list. Others need to be addressed immediately. Here’s a snapshot of what we’re facing:

The new Everywhere Workplace demands that employees have an engaging, positive, productive experience with the technology they use at work. They expect IT to provide services that are functionally ambient.
The impacts from global supply chain disruptions and ongoing conflicts between nations are many, far-reaching, and sometimes slow to surface. IT must be ready to respond in the midst of considerable uncertainty.
IT still must grapple with several pre-pandemic challenges, including rampant, constantly evolving cyberthreats and an explosion of edge devices.

Addressing one or two of these challenges isn’t enough. Success for the Everywhere Workplace means IT navigating all these challenges – and more – simultaneously amid considerable uncertainty. And all this comes when resignations among IT workers surpass many other departments – even by Great Resignation standards. Estimates put the worldwide shortage of IT workers at more than 2.7 million.

It's understandable, then, that many consider it impossible to create and manage the technology foundation of the new Everywhere Workplace. It involves keeping networks, applications, PCs, mobile devices, edge devices, IIOT devices connected and secure, everywhere, all in an uncertain climate.

I used the word “impossible” because, for an IT team to do this manually is essentially impossible. There is simply no way for IT to manage the incredible complexity and mind-boggling number of integration points.

Enter Ivanti Neurons. Ivanti Neurons is a hyperautomation platform designed to self-heal, self-service and self-secure devices from cloud to edge. It can preemptively resolve up to 80% of endpoint issues and reduce costly unplanned outages by up to 60%. Since launching the Ivanti Neurons platform in July 2020, Ivanti has rapidly and continually innovated to help enterprises get ahead of the many pre- and post-pandemic challenges.

Here’s what that looks like for some key IT activities:

Discovery

Ivanti Neurons for Discovery delivers accurate and actionable asset information in minutes. Automatically discover and map linkages between key assets with the services and applications that depend on those assets.

Edge device management

Ivanti Neurons for Edge Intelligence gives IT the ability to query all edge devices using natural language processing (NLP) and get real-time intelligence across the enterprise in seconds. It provides quick operational awareness, real-time inventory, and security configurations across the edge leveraging sensor-based architecture.

Service

Take troubleshooting off your agenda with Ivanti Neurons for Healing. It offers automatic detection, diagnosing, healing and ticket classification of endpoint and security issues. Hyper-automation of routine tasks paves the way to creating a truly self-healing environment, reducing time and costs, while improving the employee experience.

Ivanti Neurons: Purpose-built for this moment

Technology built for the enterprise is often chosen as a bolt-on to existing products without considering how it will negatively affect the experience employees have downstream. Ivanti Neurons offers a secure, contextualized and productive digital experience. This is absolutely critical for the future of work, with an indelible impact on both productivity and employee engagement and retention.

When it comes to the importance of employees’ digital experience, you don’t have to take our word for it, but there are many IT departments that still don’t understand the benefit. In our Everywhere Workplace Report, we note that IT staff were even more likely than non-IT office workers to emphasize the importance of modernizing the IT helpdesk in the Everywhere Workplace. Why? Because every day, they see the massive impact of a positive change in employees’ digital experience.

Emphasizing the employee’s digital experience has a positive ripple effect. Ivanti Neurons delivers real-time metrics on employee experience that facilitate faster, better decisions on IT resource allocation and spend. The impact: groundbreaking speed and efficiency on top of a better employee experience.

We’re at an inflection point. The charter for IT is getting more complex and the climate more uncertain. The future of work depends on making the right investments now. Ivanti Neurons solutions are the right investment.